← Back to branch summary

~ubuntu-branches/ubuntu/precise/krb5/precise-updates

« back to all changes in this revision

Viewing changes to src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c

  • Committer: Package Import Robot
  • Author(s): Sam Hartman
  • Date: 2011-12-01 19:34:41 UTC
  • mfrom: (28.1.14 sid)
  • Revision ID: package-import@ubuntu.com-20111201193441-9tipg3aru1jsidyv
Tags: 1.10+dfsg~alpha1-6
http://bugs.debian.org/650671
http://bugs.debian.org/650603
http://bugs.debian.org/650611
* Fix segfault with unknown hostnames in krb5_sname_to_principal,
  Closes: #650671
* Indicate that this library breaks libsmbclient versions that depend on
  krb5_locate_kdc, Closes: #650603, #650611

Show diffs side-by-side

added added

removed removed

Lines of Context:
src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c
1
1
/* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
 
2
/* plugins/kdb/ldap/libkdb_ldap/kdb_ldap_conn.c */
2
3
/*
3
 
 * lib/kdb/kdb_ldap/kdb_ldap_conn.c
4
 
 *
5
4
 * Copyright (c) 2004-2005, Novell, Inc.
6
5
 * All rights reserved.
7
6
 *
47
46
 
48
47
    if (ldap_context->bind_dn == NULL) {
49
48
        st = EINVAL;
50
 
        krb5_set_error_message(context, st, "LDAP bind dn value missing ");
 
49
        krb5_set_error_message(context, st, _("LDAP bind dn value missing "));
51
50
        goto err_out;
52
51
    }
53
52
 
54
53
    if (ldap_context->bind_pwd == NULL && ldap_context->service_password_file == NULL) {
55
54
        st = EINVAL;
56
 
        krb5_set_error_message(context, st, "LDAP bind password value missing ");
 
55
        krb5_set_error_message(context, st,
 
56
                               _("LDAP bind password value missing "));
57
57
        goto err_out;
58
58
    }
59
59
 
60
60
    if (ldap_context->bind_pwd == NULL && ldap_context->service_password_file !=
61
61
        NULL && ldap_context->service_cert_path == NULL) {
62
62
        if ((st=krb5_ldap_readpassword(context, ldap_context, &password)) != 0) {
63
 
            prepend_err_str(context, "Error reading password from stash: ", st, st);
 
63
            prepend_err_str(context, _("Error reading password from stash: "),
 
64
                            st, st);
64
65
            goto err_out;
65
66
        }
66
67
 
78
79
            ldap_context->bind_pwd = (char *)password;
79
80
            if (ldap_context->bind_pwd == NULL) {
80
81
                st = EINVAL;
81
 
                krb5_set_error_message(context, st, "Error reading password from stash");
 
82
                krb5_set_error_message(context, st,
 
83
                                       _("Error reading password from stash"));
82
84
                goto err_out;
83
85
            }
84
86
        }
87
89
    /* NULL password not allowed */
88
90
    if (ldap_context->bind_pwd != NULL && strlen(ldap_context->bind_pwd) == 0) {
89
91
        st = EINVAL;
90
 
        krb5_set_error_message(context, st, "Service password length is zero");
 
92
        krb5_set_error_message(context, st,
 
93
                               _("Service password length is zero"));
91
94
        goto err_out;
92
95
    }
93
96
 
252
255
    if (sasl_mech_supported == FALSE) {
253
256
        st = KRB5_KDB_ACCESS_ERROR;
254
257
        krb5_set_error_message (context, st,
255
 
                                "Certificate based authentication requested but "
256
 
                                "not supported by LDAP servers");
 
258
                                _("Certificate based authentication requested "
 
259
                                  "but not supported by LDAP servers"));
257
260
    }
258
261
    return (st);
259
262
}